The Stroz Friedberg Cyber Brief

A federal grand jury in Baltimore indicted Harold Martin, a former government contractor, with 20 counts of willful retention of national defense information. His theft of classified information, which included documents from the NSA, CIA, and Cyber Command, allegedly occurred over a period of two decades and may have been the largest in U.S. history, officials say. If convicted, Martin faces up to ten years in prison for each count. He is scheduled to make his first court appearance on Tuesday.

Legal analysts note that because prosecutors did not charge Martin with espionage, a more serious crime, it was very likely there was no evidence he tried to pass the information he stole on to third parties. Martin, rather, appears to be a compulsive hoarder. Federal agents who raided his Maryland home in August last year found mass quantities of classified material in his home, in his shed, in his car, and even in a portfolio he was holding when he was arrested. (Reuters, McClatchy, Politico, DOJ)

COURTS

Trump Travel Ban: Dozens of tech companies applauded a federal appellate court’s decision to maintain a nationwide injunction on the president’s executive order that blocked U.S. entry to travelers from seven predominantly Muslim countries. Silicon Valley firms spearheaded the corporate dissent against the order. Within two days of its signing, a wide swath of tech companies began condemning it. Google co-founder Sergey Brin made headlines for attending a protest against the order at San Francisco’s airport.(WSJ)

HACKERS

Tallinn 2.0: A group of cybersecurity law experts commissioned by NATO released an update to the 2013 “Tallinn Manual.” Their handbook, which deals with international law applicable to cyber operations, explores recent cases of state-sponsored hacking including the Sony, OPM, and DNC attacks, which are considered “below the threshold” of armed conflict. (Forbes, FCW)

Journalists: Google has reportedly warned a number of prominent journalists that state-sponsored hackers are attempting to break into their email accounts. Some speculate the attempts are by Russian hackers looking for material that could embarrass journalists by revealing a political bias. (Politico)

Fileless Malware: A new type of malicious software has infected more than 140 financial institutions, government organizations, and telecom companies across 40 countries. It’s especially insidious, experts say, because it hides in parts of the computer that are difficult for normal users to access. (Wired)

Dark Web: A cyberattack disabled a large portion of the so-called dark web, knocking thousands of websites offline. The hackers published files, including communications of those involved in child pornography forums, that may help law enforcement investigations. (WSJ)

Spyware: Some analysts say that recent revelations that opponents of a national soda tax in Mexico sent harassing texts to several policymakers and activists highlight the threat posed by an unregulated commercial spyware industry. (NYT)

ON THE HILL

Email Privacy Act: The House of Representatives voted on a bill favored by many privacy advocates and tech firms that would require law enforcement to obtain a search warrant to access emails from service providers. Currently, federal agencies only need a subpoena, which is subject to less judicial oversight. (Reuters)

Yahoo Hack: Sens. John Thune (R-SD) and Jerry Moran (R-KS) reprimanded Yahoo CEO Marissa Mayer in a letter for her company’s failure to answer questions about its massive data breaches and for abruptly canceling a recent meeting with congressional staffers. (WSJ)

Team Trump: Analysts say the man the president has tapped to be a top cybersecurity advisor, Tom Bossert, a former DHS official under George W. Bush, could be a “voice of reason” in the new administration. Bossert will share responsibility on cybersecurity and counterterrorism with National Security Adviser Michael Flynn. (Wired)

DOD

Army: The Army reportedly has 30 cyber teams at full operational capability and expects to have 11 more by year’s end. The service has a tactical field manual for cyber, but has not yet laid out an explicit policy for how and when it would use offensive cyber weapons. (Defense One)

PRIVATE SECTOR

Lloyds: The bank is the latest institution to join a new British cybersecurity group for banks called the Cyber Defence Alliance. The London-based group was created to facilitate sharing of information following cybersecurity incidents. (Reuters)

Facebook: The social media giant has pledged to undergo audits by the media industry’s measurement watchdog, the Media Rating Council. The move is in response to criticism that Facebook exaggerates its metrics to boost ad sales. (WSJ)

Ford: The U.S. automaker announced plans to invest $1 billion over the next five years in Argo AI, an artificial intelligence startup. The move is Ford’s biggest effort to move into self-driving car research. (NYT)

LA Tech Hub? Many in Los Angeles are hoping that Snap's IPO, expected to attract more than $20 billion, will help the southern California city become a hotspot for tech entrepreneurs. In the last couple of years, cities like Venice and Santa Monica have started to lure many start-ups. The metropolitan area reportedly trains more software engineers than any other in the U.S. (FT)

THE WORLD

Italy: The Russian government is suspected to have been behind a sustained cyberattack against the Italian foreign ministry last year that compromised email communications. The news could stoke concerns that the Kremlin may be seeking to influence the next Italian election, which might come as early as June. (Guardian)

Austria: The country’s parliament said that a Turkish Islamist group claimed responsibility for a cyberattack that disabled its website for 20 minutes last weekend. The hacking was apparently in retaliation for Vienna’s pushing the EU to abandon accession talks with Turkey following President Tayyip Erdogan’s crackdown on dissent. (Reuters)

Russia: Cybersecurity experts in the country have reportedly scaled back cooperation with Western contacts after Ruslan Stoyanov, head of the computer incidents investigation team at Kaspersky Lab, was arrested in Moscow on treason charges. (Reuters)

MUST READS

Virtual Sovereignty Can Help Govern Our Data: "What if a government needs to access the emails of a child pornographer? Under the Microsoft Ireland model, it would have to know where the data are located before knowing who to ask or how to obtain that information. This means that data are subject to piecemeal protections — it matters less who or where you are than it does where your data are being stored. Fixing this framework is as necessary for individuals, who seek to protect their privacy, as it is for governments, who may seek access to that data. But how? The answer lies in tying data protections to the locations of users, or what we call ‘virtual sovereignty,’” writes Andrew Burt in the Financial Times.

World Needs to Police Anarchy in Cyberspace: “The goal should be to create international arrangements—a “regime” in academic jargon—that would encourage certain uses of cyberspace and discourage others. Governments should be persuaded or pressured to accept the obligation to act consistently with this regime and to do all in their power to stop those acting from its territory who do not. Needed are agreements in practice, not just in principle,” writes Richard Haass in Fortune.

How We Got to the Age of Mass Surveillance: “In her book, [Jennifer] Granick presents an expansive overview of the national-security legal landscape. However, despite being geared largely toward attorneys and academics, American Spies can be easily understood by anyone with even a passing familiarity with touchstone concepts that have graced the pages of Ars Technica in recent years, including Edward Snowden, Section 702, and Executive Order 12333,” writes Cyrus Farivar in this book review on Ars Technica.